package com.ufm.security.support;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import javax.annotation.PostConstruct;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Service;

import com.ufm.security.pojo.Rights;
import com.ufm.security.pojo.Roles;
import com.ufm.security.service.impl.RightsServiceImpl;
import com.ufm.security.service.impl.RolesServiceImpl;
@Service(value="securityMetadataSource")
public class MyInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
	private UrlMatcher urlMatcher = new AntUrlPathMatcher();
    private static Map<String, Collection<ConfigAttribute>> resourceMap = null;
    @Autowired
    private RightsServiceImpl rightsService;
    @Autowired
    private RolesServiceImpl rolesService;
    
    
    public MyInvocationSecurityMetadataSource() {
        //loadResourceDefine();
    }

    @PostConstruct
	private void loadResourceDefine() {
		//ApplicationContext context = new ClassPathXmlApplicationContext(new String[] {"servlet-context.xml"});	
		//authoritiesService = (IAuthoritiesService) context.getBean("authoritiesService");
		//resourcesService = (IResourcesService) context.getBean("resourcesService");
		//rolesService = (IRolesService) context.getBean("rolesService");
		resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
        List<Roles> allRoles = rolesService.findAll(new HashMap());
        for (Iterator iterator = allRoles.iterator(); iterator.hasNext();) {
			Roles roles = (Roles) iterator.next();
			List<Rights> allRights = rightsService.findByRoleId(roles.getId());
			for (Iterator iterator2 = allRights.iterator(); iterator2.hasNext();) {
				Rights rights = (Rights) iterator2.next();
				Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
		        ConfigAttribute ca = new SecurityConfig("ROLE_"+roles.getRole_name());
		        atts.add(ca);
		        resourceMap.put(rights.getRight_url(), atts);
			}
		}
    }

    // According to a URL, Find out permission configuration of this URL.
    public Collection<ConfigAttribute> getAttributes(Object object)
            throws IllegalArgumentException {
        // guess object is a URL.
        String url = ((FilterInvocation)object).getRequestUrl();
        Iterator<String> ite = resourceMap.keySet().iterator();
        while (ite.hasNext()) {
            String resURL = ite.next();
            if (urlMatcher.pathMatchesUrl(resURL, url)) {
                return resourceMap.get(resURL);
            }
        }
        return null;
    }

    public boolean supports(Class<?> clazz) {
        return true;
    }
    
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }
}
